Andrea, AndreaC. wrote: > so the suggestion to use the the AppendOnly flag seams to be acceptable.
Ok. Be aware, though, that this flag is merely a hint to the signing software and enforces nothing at a specification "SHALL" level. AndreaC. wrote: > When the append mode is turned on, and the document t0-length was stored, > is correct to refer to [0, t0-length] stream as the original document? AFAIK yes... well, more exactly (as you start at index 0): [0, t0-length - 1] aka [0, t0-length). That's what appending is all about after all. AndreaC. wrote: > If yes, is it possible to understand if (t0-length, t1-length] stream > refers only to the signature and not to new pdf-data? [t0-length, t1-length) This is a very interesting question... "interesting" as in "May you live in interesting times"... ;) It is hard to implement if you do not have any control concerning the signing details at all. It means you have to parse the appended data and check whether it implies any changes beyond those done for signing by any of the probably used signing programs. And then there remains the question whether the signing itself was done in an acceptable manner. E.g. you maybe don't want such the visualization of a signature to cover any relevant content. But what is relevant content? How can you distinguish between page filling relevant graphics and a non-relevant background stationary graphic whenever the signature visualization is added atop some graphic? If you have to solve all this in a general context, i.e. without being able to make any simplifying assumptions, don't dream about finishing your assignment this year... Regards, Michael. -- View this message in context: http://itext-general.2136553.n4.nabble.com/HASH-of-PDF-strip-out-of-signature-tp3859233p3859620.html Sent from the iText - General mailing list archive at Nabble.com. ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2dcopy2 _______________________________________________ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions iText(R) is a registered trademark of 1T3XT BVBA. Many questions posted to this list can (and will) be answered with a reference to the iText book: http://www.itextpdf.com/book/ Please check the keywords list before you ask for examples: http://itextpdf.com/themes/keywords.php
